CVE-2023-40583
- EPSS 0.24%
- Veröffentlicht 25.08.2023 21:15:09
- Zuletzt bearbeitet 21.11.2024 08:19:45
libp2p is a networking stack and library modularized out of The IPFS Project, and bundled separately for other tools to use. In go-libp2p, by using signed peer records a malicious actor can store an arbitrary amount of data in a remote node’s memory....
CVE-2022-23492
- EPSS 0.59%
- Veröffentlicht 08.12.2022 01:15:09
- Zuletzt bearbeitet 21.11.2024 06:48:40
go-libp2p is the offical libp2p implementation in the Go programming language. Version `0.18.0` and older of go-libp2p are vulnerable to targeted resource exhaustion attacks. These attacks target libp2p’s connection, stream, peer, and memory manageme...
CVE-2022-23486
- EPSS 0.32%
- Veröffentlicht 07.12.2022 21:15:10
- Zuletzt bearbeitet 21.11.2024 06:48:39
libp2p-rust is the official rust language Implementation of the libp2p networking stack. In versions prior to 0.45.1 an attacker node can cause a victim node to allocate a large number of small memory chunks, which can ultimately lead to the victim’s...
CVE-2022-23487
- EPSS 0.34%
- Veröffentlicht 07.12.2022 21:15:10
- Zuletzt bearbeitet 21.11.2024 06:48:39
js-libp2p is the official javascript Implementation of libp2p networking stack. Versions older than `v0.38.0` of js-libp2p are vulnerable to targeted resource exhaustion attacks. These attacks target libp2p’s connection, stream, peer, and memory mana...